While card skimming, such as automated teller machine (ATM) magnetic stripe card skimming, has been somewhat curtailed with the issuance of chip-equipped cards (also known as integrated circuit cards or ICCs) by most major card issuers, criminals have responded with new devices, typically referred to as shimming devices. Such shimming devices are designed to steal information from the chip of a chip-equipped card that is the same as the static information stored a magnetic stripe of a magnetic stripe cards. A chip itself is a dynamic device, and it is not possible for criminals to steal the chip dynamic per se. However, the same static information that is stored on a magnetic stripe is also stored on the chip of a chip-equipped card, and it is possible for criminals to steal the static information that is stored on the chip and use that information to clone magnetic stripe cards.
Shimming devices to steal information from a chip may be quite small. For example, a shimming device may be a paper-thin, card-sized shim containing an embedded microchip and flash storage, which a criminal can secretly insert into the card slot itself, where it remains hidden while intercepting chip card data. Such small size makes it much easier for criminals to install such devices, for example, in chip card readers of ATMs and point-of-sale (POS) terminals, as well as access control chip card readers to access locked premises, such as ATM vestibules or lobbies. Further, such shimming devices are more difficult to detect than traditional skimming technology devices.
Thus, while criminals continue to attempt to steal card data, for example, by placing overlays on exterior features of chip card readers, such criminals may now attempt chip-equipped card data theft by installing shimming devices inside chip card readers or chip card reader insert slots. There is a current need for inspection devices and methods that can detect the presence of chip shimmers, as well as external card skimmers, deep insert skimmers, throat skimmers, and card traps, and thus avoid exposing a cardholder's account information to potential theft when the cardholder uses his or her card at a card reader of a terminal, such as an ATM or POS terminal, or at an access control card reader.